Microsoft Windows Server 2022 23H2 vulnerabilities

1,380 known vulnerabilities affecting microsoft/windows_server_2022_23h2.

Total CVEs

1,380

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL22HIGH958MEDIUM394LOW6

Vulnerabilities

Page 39 of 69

CVE-2025-21409HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21409 [HIGH] CWE-122 CVE-2025-21409: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21234HIGHCVSS 7.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21234 [HIGH] CWE-20 CVE-2025-21234: Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

nvd

CVE-2025-21339HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21339 [HIGH] CWE-122 CVE-2025-21339: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21417HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21417 [HIGH] CWE-122 CVE-2025-21417: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21281HIGHCVSS 7.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21281 [HIGH] CWE-416 CVE-2025-21281: Microsoft COM for Windows Elevation of Privilege Vulnerability Microsoft COM for Windows Elevation of Privilege Vulnerability

nvd

CVE-2025-21286HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21286 [HIGH] CWE-122 CVE-2025-21286: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21303HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21303 [HIGH] CWE-122 CVE-2025-21303: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21244HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21244 [HIGH] CWE-190 CVE-2025-21244: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21372HIGHCVSS 7.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21372 [HIGH] CWE-416 CVE-2025-21372: Microsoft Brokering File System Elevation of Privilege Vulnerability Microsoft Brokering File System Elevation of Privilege Vulnerability

nvd

CVE-2025-21287HIGHCVSS 7.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21287 [HIGH] CWE-269 CVE-2025-21287: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2025-21224HIGHCVSS 8.1fixed in 10.0.25398.13692025-01-14

CVE-2025-21224 [HIGH] CWE-416 CVE-2025-21224: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

nvd

CVE-2025-21334HIGHCVSS 7.8KEVfixed in 10.0.25398.13692025-01-14

CVE-2025-21334 [HIGH] CWE-416 CVE-2025-21334: Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

nvd

CVE-2025-21289HIGHCVSS 7.5fixed in 10.0.25398.13692025-01-14

CVE-2025-21289 [HIGH] CWE-400 CVE-2025-21289: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21389HIGHCVSS 7.5fixed in 10.0.25398.13692025-01-14

CVE-2025-21389 [HIGH] CWE-400 CVE-2025-21389: Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an un Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-21295HIGHCVSS 8.1fixed in 10.0.25398.13692025-01-14

CVE-2025-21295 [HIGH] CWE-416 CVE-2025-21295: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

nvd

CVE-2025-21302HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21302 [HIGH] CWE-122 CVE-2025-21302: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21294HIGHCVSS 8.1fixed in 10.0.25398.13692025-01-14

CVE-2025-21294 [HIGH] CWE-591 CVE-2025-21294: Microsoft Digest Authentication Remote Code Execution Vulnerability Microsoft Digest Authentication Remote Code Execution Vulnerability

nvd

CVE-2025-21332HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21332 [HIGH] CWE-41 CVE-2025-21332: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21292HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21292 [HIGH] CWE-94 CVE-2025-21292: Windows Search Service Elevation of Privilege Vulnerability Windows Search Service Elevation of Privilege Vulnerability

nvd

CVE-2025-21305HIGHCVSS 8.8fixed in 10.0.25398.13692025-01-14

CVE-2025-21305 [HIGH] CWE-122 CVE-2025-21305: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

← Previous39 / 69Next →